admin/38443-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Version secure A

Browse Source
This commit is contained in:
Flatlogic Bot 2026-02-16 18:44:13 +00:00
parent 2bda3a08f3
commit f9c70d9be2
4 changed files with 36 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
assets/js/main.js
View File

@ -907,7 +907,7 @@ document.addEventListener('DOMContentLoaded', () => {
<div style="flex: 1;">
<div class="message-author" style="font-size: 0.85em; ${authorStyle}">
${escapeHTML(msg.username)}
${renderRoleIconJS(msg.role_icon, '12px')}
${renderRoleIconJS(msg.role_icon, '14px')}
<span class="message-time">${msg.time}</span>
</div>
<div class="message-text" style="font-size: 0.9em;">
@ -957,7 +957,7 @@ document.addEventListener('DOMContentLoaded', () => {
<div class="d-flex flex-wrap gap-1">
${roles.map(r => `
<span class="badge rounded-pill d-flex align-items-center" style="background-color: rgba(0,0,0,0.3); border: 1px solid ${r.color}; font-size: 0.7em; color: ${r.color}; font-weight: 500; padding: 2px 8px;">
${r.icon_url ? `<img src="${r.icon_url}" style="width: 12px; height: 12px; margin-right: 4px; object-fit: contain;">` : ''}
${r.icon_url ? `<img src="${r.icon_url}" style="width: 14px; height: 14px; margin-right: 4px; object-fit: contain;">` : ''}
${escapeHTML(r.name)}
</span>
`).join('')}
@ -1133,7 +1133,7 @@ document.addEventListener('DOMContentLoaded', () => {
availableRoles.forEach(role => {
const li = document.createElement('li');
li.innerHTML = `<a class="dropdown-item d-flex align-items-center gap-2 py-2" href="#">
<div style="width: 12px; height: 12px; border-radius: 50%; background-color: ${role.color || '#99aab5'}; border: 1px solid rgba(255,255,255,0.1);"></div>
<div style="width: 14px; height: 14px; border-radius: 50%; background-color: ${role.color || '#99aab5'}; border: 1px solid rgba(255,255,255,0.1);"></div>
<span style="color: #dbdee1; font-size: 0.9em;">${role.name}</span>
</a>`;
li.onclick = async (e) => {
@ -1544,7 +1544,7 @@ document.addEventListener('DOMContentLoaded', () => {
} catch (e) { console.error(e); }
}
function renderRoleIconJS(icon, size = '12px') {
function renderRoleIconJS(icon, size = '14px') {
if (!icon) return '';
const isUrl = icon.startsWith('http') || icon.startsWith('/');
if (isUrl) {
@ -1584,7 +1584,7 @@ document.addEventListener('DOMContentLoaded', () => {
item.style.marginBottom = '8px';
item.style.cursor = 'pointer';
const roleIconHtml = renderRoleIconJS(m.role_icon, '12px');
const roleIconHtml = renderRoleIconJS(m.role_icon, '14px');
const avatarBg = m.avatar_url ? `background-image: url('${m.avatar_url}');` : '';
const statusColor = m.status === 'online' ? '#23a559' : '#80848e';
@ -1609,7 +1609,7 @@ document.addEventListener('DOMContentLoaded', () => {
authorEl.style.color = member.role_color || 'inherit';
// Try to update icon if it exists or add it if it doesn't
let iconEl = authorEl.querySelector('.role-icon, span.ms-1');
const newIconHtml = renderRoleIconJS(member.role_icon, '12px');
const newIconHtml = renderRoleIconJS(member.role_icon, '14px');
if (newIconHtml) {
if (iconEl) {
@ -1638,7 +1638,7 @@ document.addEventListener('DOMContentLoaded', () => {
const item = document.createElement('div');
item.className = 'list-group-item bg-transparent text-white border-secondary d-flex justify-content-between align-items-center p-2 mb-1 rounded role-sortable-item';
item.dataset.id = role.id;
const roleIconHtml = renderRoleIconJS(role.icon_url, '12px');
const roleIconHtml = renderRoleIconJS(role.icon_url, '14px');
item.innerHTML = `
<div class="d-flex align-items-center">
<div class="role-drag-handle me-3" style="cursor: grab; opacity: 0.5;">
@ -1698,7 +1698,7 @@ document.addEventListener('DOMContentLoaded', () => {
const item = document.createElement('div');
item.className = 'list-group-item bg-transparent text-white border-secondary d-flex justify-content-between align-items-center p-2 mb-2 rounded bg-dark';
const roleIconHtml = renderRoleIconJS(member.role_icon, '12px');
const roleIconHtml = renderRoleIconJS(member.role_icon, '14px');
item.innerHTML = `
<div class="d-flex align-items-center flex-grow-1">
@ -2160,7 +2160,7 @@ document.addEventListener('DOMContentLoaded', () => {
div.className = 'd-flex justify-content-between align-items-center mb-2 p-2 bg-dark rounded';
div.innerHTML = `
<div class="d-flex align-items-center">
<div style="width: 12px; height: 12px; border-radius: 50%; background-color: ${tag.color}; margin-right: 8px;"></div>
<div style="width: 14px; height: 14px; border-radius: 50%; background-color: ${tag.color}; margin-right: 8px;"></div>
<span>${tag.name}</span>
</div>
<button class="btn btn-sm text-danger delete-forum-tag-btn" data-id="${tag.id}">×</button>
@ -2448,7 +2448,7 @@ document.addEventListener('DOMContentLoaded', () => {
function parseCustomEmotes(text) {
let parsed = escapeHTML(text);
(window.CUSTOM_EMOTES_CACHE || []).forEach(emote => {
const imgHtml = `<img src="${emote.path}" alt="${emote.name}" title="${emote.code}" style="width: 22px; height: 22px; vertical-align: middle; object-fit: contain;">`;
const imgHtml = `<img src="${emote.path}" alt="${emote.name}" title="${emote.code}" style="width: 24px; height: 24px; vertical-align: middle; object-fit: contain;">`;
parsed = parsed.split(emote.code).join(imgHtml);
});
return parsed;
@ -2543,7 +2543,7 @@ document.addEventListener('DOMContentLoaded', () => {
<div class="message-header">
<span class="message-username" style="color: ${msg.role_color || 'inherit'};">
${escapeHTML(msg.username)}
${renderRoleIconJS(msg.role_icon, '12px')}
${renderRoleIconJS(msg.role_icon, '14px')}
</span>
<span class="message-timestamp">${msg.timestamp || 'Just now'}</span>
${pinnedBadge}

1
debug_reorder.log
View File

@ -12,3 +12,4 @@
2026-02-16 03:07:52 - Server: 1 - Orders: [{"id":"11","position":0,"category_id":null},{"id":"16","position":1,"category_id":null},{"id":"12","position":2,"category_id":null},{"id":"10","position":3,"category_id":null},{"id":"1","position":4,"category_id":"10"},{"id":"6","position":5,"category_id":"10"},{"id":"15","position":6,"category_id":"10"},{"id":"2","position":7,"category_id":"10"},{"id":"14","position":8,"category_id":null},{"id":"13","position":9,"category_id":null},{"id":"9","position":10,"category_id":null},{"id":"3","position":11,"category_id":null}]
2026-02-16 03:08:33 - Server: 1 - Orders: [{"id":"11","position":0,"category_id":null},{"id":"17","position":1,"category_id":null},{"id":"12","position":2,"category_id":null},{"id":"10","position":3,"category_id":null},{"id":"1","position":4,"category_id":"10"},{"id":"6","position":5,"category_id":"10"},{"id":"15","position":6,"category_id":"10"},{"id":"2","position":7,"category_id":"10"},{"id":"14","position":8,"category_id":null},{"id":"13","position":9,"category_id":null},{"id":"9","position":10,"category_id":null},{"id":"3","position":11,"category_id":null}]
2026-02-16 03:09:18 - Server: 1 - Orders: [{"id":"11","position":0,"category_id":null},{"id":"17","position":1,"category_id":null},{"id":"12","position":2,"category_id":null},{"id":"10","position":3,"category_id":null},{"id":"1","position":4,"category_id":"10"},{"id":"6","position":5,"category_id":"10"},{"id":"15","position":6,"category_id":"10"},{"id":"2","position":7,"category_id":"10"},{"id":"18","position":8,"category_id":"10"},{"id":"14","position":9,"category_id":null},{"id":"13","position":10,"category_id":null},{"id":"9","position":11,"category_id":null},{"id":"3","position":12,"category_id":null}]
2026-02-16 18:43:44 - Server: 1 - Orders: [{"id":"11","position":0,"category_id":null},{"id":"17","position":1,"category_id":null},{"id":"12","position":2,"category_id":null},{"id":"19","position":3,"category_id":null},{"id":"10","position":4,"category_id":null},{"id":"1","position":5,"category_id":"10"},{"id":"6","position":6,"category_id":"10"},{"id":"15","position":7,"category_id":"10"},{"id":"2","position":8,"category_id":"10"},{"id":"18","position":9,"category_id":"10"},{"id":"14","position":10,"category_id":null},{"id":"13","position":11,"category_id":null},{"id":"9","position":12,"category_id":null},{"id":"3","position":13,"category_id":null}]

12
index.php
View File

@ -3,7 +3,7 @@
file_put_contents('requests.log', date('Y-m-d H:i:s') . " - " . $_SERVER['REQUEST_METHOD'] . " " . $_SERVER['REQUEST_URI'] . " - POST: " . json_encode($_POST) . "\n", FILE_APPEND);
require_once 'auth/session.php';
function renderRoleIcon($icon, $size = '12px') {
function renderRoleIcon($icon, $size = '14px') {
if (empty($icon)) return '';
$isUrl = (strpos($icon, 'http') === 0 || strpos($icon, '/') === 0);
$isFa = (strpos($icon, 'fa-') === 0);
@ -41,7 +41,7 @@ function parse_emotes($content) {
$result = htmlspecialchars($content);
foreach ($custom_emotes_cache as $ce) {
$emote_html = '<img src="' . htmlspecialchars($ce['path']) . '" alt="' . htmlspecialchars($ce['name']) . '" title="' . htmlspecialchars($ce['code']) . '" style="width: 22px; height: 22px; vertical-align: middle; object-fit: contain;">';
$emote_html = '<img src="' . htmlspecialchars($ce['path']) . '" alt="' . htmlspecialchars($ce['name']) . '" title="' . htmlspecialchars($ce['code']) . '" style="width: 24px; height: 24px; vertical-align: middle; object-fit: contain;">';
$result = str_replace($ce['code'], $emote_html, $result);
}
return $result;
@ -592,7 +592,7 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
<div class="message-content">
<div class="message-author" style="<?php echo !empty($m['role_color']) ? "color: {$m['role_color']};" : ""; ?>">
<?php echo htmlspecialchars($m['username']); ?>
<?php echo renderRoleIcon($m['role_icon'], '12px'); ?>
<?php echo renderRoleIcon($m['role_icon'], '14px'); ?>
<span class="message-time"><?php echo date('H:i', strtotime($m['created_at'])); ?></span>
<?php if ($is_solution): ?>
<span class="badge bg-success ms-2">SOLUTION</span>
@ -817,7 +817,7 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
<div class="message-header">
<span class="message-author" style="<?php echo !empty($m['role_color']) ? "color: {$m['role_color']};" : ""; ?>">
<?php echo htmlspecialchars($m['username']); ?>
<?php echo renderRoleIcon($m['role_icon'], '12px'); ?>
<?php echo renderRoleIcon($m['role_icon'], '14px'); ?>
</span>
<span class="message-time"><?php echo date('H:i', strtotime($m['created_at'])); ?></span>
<?php if ($m['is_pinned']): ?>
@ -838,7 +838,7 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
$custom_emotes_cache = db()->query("SELECT name, path, code FROM custom_emotes")->fetchAll();
}
foreach ($custom_emotes_cache as $ce) {
$emote_html = '<img src="' . htmlspecialchars($ce['path']) . '" alt="' . htmlspecialchars($ce['name']) . '" title="' . htmlspecialchars($ce['code']) . '" style="width: 22px; height: 22px; vertical-align: middle; object-fit: contain;">';
$emote_html = '<img src="' . htmlspecialchars($ce['path']) . '" alt="' . htmlspecialchars($ce['name']) . '" title="' . htmlspecialchars($ce['code']) . '" style="width: 24px; height: 24px; vertical-align: middle; object-fit: contain;">';
$msg_content = str_replace($ce['code'], $emote_html, $msg_content);
}
@ -979,7 +979,7 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
</div>
<span style="overflow: hidden; text-overflow: ellipsis; white-space: nowrap; <?php echo !empty($m['role_color']) ? "color: {$m['role_color']};" : ""; ?>">
<?php echo htmlspecialchars($m['username']); ?>
<?php echo renderRoleIcon($m['role_icon'], '12px'); ?>
<?php echo renderRoleIcon($m['role_icon'], '14px'); ?>
</span>
</div>
<?php endforeach; ?>

18
requests.log
View File

@ -253,3 +253,21 @@
2026-02-16 17:41:16 - GET / - POST: []
2026-02-16 17:41:28 - GET /?fl_project=38443 - POST: []
2026-02-16 18:00:22 - GET /index.php?server_id=1&channel_id=17 - POST: []
2026-02-16 18:03:21 - GET /?fl_project=38443 - POST: []
2026-02-16 18:23:09 - GET /index.php?server_id=1&channel_id=17 - POST: []
2026-02-16 18:29:00 - GET /index.php?server_id=1&channel_id=11 - POST: []
2026-02-16 18:39:35 - GET /index.php?server_id=1&channel_id=17 - POST: []
2026-02-16 18:39:37 - GET /index.php?server_id=1&channel_id=12 - POST: []
2026-02-16 18:39:39 - GET /index.php?server_id=1&channel_id=17 - POST: []
2026-02-16 18:39:40 - GET /index.php?server_id=1&channel_id=11 - POST: []
2026-02-16 18:40:37 - GET /index.php?server_id=1&channel_id=18 - POST: []
2026-02-16 18:40:39 - GET /index.php?server_id=1&channel_id=6 - POST: []
2026-02-16 18:41:42 - GET /index.php?server_id=1&channel_id=15 - POST: []
2026-02-16 18:41:48 - GET /index.php?server_id=1&channel_id=2 - POST: []
2026-02-16 18:41:51 - GET /index.php?server_id=1&channel_id=18 - POST: []
2026-02-16 18:42:47 - GET /index.php?server_id=1 - POST: []
2026-02-16 18:42:50 - GET /index.php?server_id=1&channel_id=17 - POST: []
2026-02-16 18:43:03 - GET /index.php?server_id=1&channel_id=12 - POST: []
2026-02-16 18:43:06 - GET /index.php?server_id=1&channel_id=17 - POST: []
2026-02-16 18:43:30 - GET /index.php?server_id=1&channel_id=12 - POST: []
2026-02-16 18:43:38 - GET /index.php?server_id=1&channel_id=19 - POST: []